6 matches found
RHCOS 4 : Red Hat OpenShift Container Platform 4.1 jenkins-2-plugins (RHSA-2019:2662)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2662 advisory. - jenkins-plugin-script-security: Sandbox bypass through type casts in Script Security Plugin CVE-2019-10355 -...
Important: Red Hat Security Advisory: Red Hat OpenShift Container Platform 4.1 jenkins-2-plugins security update
An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 7 : Red Hat OpenShift Container Platform 4.1 jenkins-2-plugins (RHSA-2019:2662)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2662 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
Important: Red Hat Security Advisory: Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins security update
An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2019-10355
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-10355
CVE-2019-10355 is a sandbox bypass in the Jenkins Script Security Plugin (versions up to 1.61 and earlier) that lets attackers escape the sandbox by exploiting how type casts are handled, enabling arbitrary code execution in sandboxed Groovy scripts. The vulnerability affected the plugin used wit...